<?php
/**
 * $Author: BEESCMS $
 * ============================================================================
 * 网站地址: http://www.beescms.com
 * 您只能在不用于商业目的的前提下对程序代码进行修改和使用；
 * 不允许对程序代码以任何形式任何目的的再发布。
 * ============================================================================
*/

define('CMS','true');
include('includes/init.php');
require_once('includes/fun.php');
require_once("alipay.config.php");
require_once('includes/lib.php');
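// Request routing and localisation setup for the whole script.
// Both values are taken from the request, so they are only accepted when they are plain strings
// (an array-valued parameter would otherwise reach trim()).
$action=(isset($_REQUEST['action'])&&is_string($_REQUEST['action']))?trim($_REQUEST['action']):'list';
$lang=(isset($_REQUEST['lang'])&&is_string($_REQUEST['lang']))?trim($_REQUEST['lang']):'cn';
// $lang is concatenated into the include() path below and into inline <script> redirects in the
// action branches. Accept only a bare language tag (letters, digits, '_' and '-'), so that path
// separators, dots and quote characters can never reach those sinks; anything else uses the default.
if(!preg_match('/^[A-Za-z0-9_-]+$/D',$lang)){$lang='cn';}
if(file_exists(LANG_PATH.'lang_'.$lang.'.php')){include(LANG_PATH.'lang_'.$lang.'.php');}// language pack cache, array $language
$_confing=get_confing($lang);
$tpl->template_dir=TP_PATH.$_confing['web_template'].'/';
$tpl->template_lang=$lang;
$tpl->template_is_cache=0;
$tpl->assign('lang',$lang);
$tpl->assign('act',$action);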

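if($action=='list'){
	// Paginated video listing: 12 videos per page, plus the previous/next page numbers for the template.
	$sql="select count(*) as count from ".DB_PRE ."video ";
	if(!$GLOBALS['mysql']->fetch_rows($sql)){die("<script type=\"text/javascript\">alert('视频暂时不存在!');history.go(-1);</script>");}
	$rel=$GLOBALS['mysql']->fetch_asc($sql);
	$pagesize=12;
	$total=ceil($rel[0]['count']/$pagesize);
	$page=array();
	$page['num']=$rel[0]['count'];
	$page['total']=$total;
	// The requested page number is request data that feeds the LIMIT offset and is handed to the
	// template, so reduce it to an integer once and use only that value from here on.
	$_GET['page']=isset($_GET['page'])?intval($_GET['page']):1;
	if($_GET['page']>$total){
		// Past the last page: clamp to the last page.
		$_GET['page']=intval($total);
	}
	if($_GET['page']>1){
		$limit=($_GET['page']-1)*$pagesize;
		$page['up']=$_GET['page']-1;
		$page['now']=$_GET['page'];
		if($total>$_GET['page']){
			$page['down']=$_GET['page']+1;
		}
	}else{
		// Missing, zero or negative page numbers all show the first page.
		$limit=0;
		$page['now']=1;
		if($total>1){
			$page['down']=2;
		}
	}

	$sql="select *  from ".DB_PRE ."video limit ".intval($limit).",$pagesize ";
	$rels=$GLOBALS['mysql']->fetch_asc($sql);
	$tpl->assign('list_video',$rels);
	$tpl->assign('page',$page);
	$tpl->display('video_list');
}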
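if($action=='product'){
	// Video detail page. For a priced video the full URL (video_yurl) replaces the preview URL
	// (video_nurl) only while the member holds a paid order that has not yet expired.
	$vid=intval($_GET['id']);
	$sql="select * from ".DB_PRE ."video where video_id='{$vid}'";
	if(!$GLOBALS['mysql']->fetch_rows($sql)){die("<script type=\"text/javascript\">alert('视频暂时不存在!');history.go(-1);</script>");}
	$rel=$GLOBALS['mysql']->fetch_asc($sql);

	// NOTE(review): this guard redirects only when all three session markers are missing, so a
	// session carrying just one of them is let through — confirm that is the intended login test.
	// $lang originates from the request; it is URL-encoded before being placed in the inline script.
	if(empty($_SESSION['member_user'])&&empty($_SESSION['member_id'])&&!$_SESSION['member_login']){die('<script type="text/javascript">location.href=\'member.php?action=login&lang='.rawurlencode($lang).'\';</script>');}
	if($rel[0]['video_price']){
		if($_SESSION['member_user']){
			// Latest paid order (status=1) of this member for this video.
			// member_id is cast to an integer before it is placed in the SQL text.
			$sql="select * from ".DB_PRE."video_order where vid={$vid} and uid=".intval($_SESSION['member_id'])." and status=1 order by id desc ";
			$re=$GLOBALS['mysql']->fetch_asc($sql);

			if($re){
				// Access lasts video_days days counted from the order's addtime.
				$time=$re[0]['addtime']+($rel[0]['video_days']*86400);
				if($time>time()){
					$rel[0]['video_nurl']=$rel[0]['video_yurl'];
				}
			}
		}
	}else{
		// No price set: every viewer who passed the guard gets the full URL.
		$rel[0]['video_nurl']=$rel[0]['video_yurl'];
	}
	// Up to three other videos for the sidebar/related list.
	$sql1="select * from ".DB_PRE ."video where video_id!='{$vid}' limit 3";
	$other=$GLOBALS['mysql']->fetch_asc($sql1);

	$tpl->assign('other',	$other);
	// NOTE(review): $rel still contains video_yurl even when the viewer is not entitled to it;
	// the template should render video_nurl only — verify against the product_video template.
	$tpl->assign('video',$rel);
	$tpl->display('product_video');
}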
if($action=='buy'){
	// Purchase page for a single video: look the video up by its integer id and render the buy template.
	// Variable names are kept as-is because they are script-level globals.
	$vid=(int)$_GET['id'];
	$sql='select * from '.DB_PRE."video where video_id='".$vid."'";
	if(!$GLOBALS['mysql']->fetch_rows($sql))
	{
		// Unknown id: show the "video does not exist" alert and send the browser back.
		die("<script type=\"text/javascript\">alert('视频暂时不存在!');history.go(-1);</script>");
	}
	$rel=$GLOBALS['mysql']->fetch_asc($sql);

	// NOTE(review): no login check happens in this branch and the full row (including video_yurl)
	// is handed to the template — confirm the video_buy template never prints the paid URL.
	$tpl->assign('video',$rel);
	$tpl->display('video_buy');
}
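if($action=='order'){
	// Create (or re-open) the member's order for a video and hand the browser over to Alipay.
	// The login redirect targets member.php, as the product action does; this script has no
	// 'login' action of its own. $lang originates from the request and is URL-encoded here.
	if(empty($_SESSION['member_user'])&&empty($_SESSION['member_id'])&&!$_SESSION['member_login'])
		{die('<script type="text/javascript">location.href=\'member.php?action=login&lang='.rawurlencode($lang).'\';</script>');}

	$vid=intval($_GET['id']);
	$sql="select * from ".DB_PRE ."video where video_id='{$vid}'";
	if(!$GLOBALS['mysql']->fetch_rows($sql)){die("<script type=\"text/javascript\">alert('视频暂时不存在!');history.go(-1);</script>");}
	$rel=$GLOBALS['mysql']->fetch_asc($sql);

	// Existing order of this member for this video, if any. Ids are cast to integers before
	// they are placed in the SQL text.
	$sql="select * from ".DB_PRE ."video_order where uid=".intval($_SESSION['member_id'])." and vid=".intval($rel[0]['video_id']);
	$rels=$GLOBALS['mysql']->fetch_asc($sql);

	// Defined up front so the "no reusable order" test below never reads an unset variable.
	$orderid=0;
	if($rels){
		if($rels[0]['status']){
			$time=$rels[0]['addtime']+($rel[0]['video_days']*86400);
			if($time>time()){
				// Already paid and still valid: go straight to the video page. The original
				// string was single-quoted (so {$vid} was never substituted) and the URL was
				// not quoted inside the script.
				die('<script type="text/javascript">location.href=\'?action=product&id='.$vid.'\';</script>');
			}
		}
		// Unpaid, or paid but expired: reset the same row to an open order at the current price.
		$sql="update ".DB_PRE ."video_order set total='{$rel[0]['video_price']}',addtime=".time().",status=0 where id=".intval($rels[0]['id']);
		$GLOBALS['mysql']->query($sql);
		$orderid=$rels[0]['id'];
	}
	if(!$orderid){
		// The table name uses DB_PRE like every other query in this script, so the row lands in
		// the same table the lookups read. The title is escaped because a quote in a video name
		// would otherwise break out of the string literal.
		// NOTE(review): prefer the database layer's own escaping or prepared statements if it offers them.
		$sql1="INSERT INTO `".DB_PRE."video_order` (`uid` ,`total` ,`vid` ,`title` ,`addtime` ,`status`)VALUES (".intval($_SESSION['member_id']).", '{$rel[0]['video_price']}', '".intval($rel[0]['video_id'])."', '".addslashes($rel[0]['video_name'])."', ".time().", '0')";

		$GLOBALS['mysql']->query($sql1);
		$orderid=$GLOBALS['mysql']->insert_id();
	}

	// Payment type. Required; must not be changed.
	$payment_type = "1";
	// Server-side asynchronous notification URL.
	// Must be a complete http:// URL without custom query parameters such as ?id=123.
	// NOTE(review): the handler behind this URL is not visible here; it should verify the gateway
	// signature and that the paid amount matches the order's total before setting status=1 — confirm.
	$notify_url = "http://www.dixfs.com/notify_url.php";
	// Synchronous return URL the browser is redirected to.
	// Must be a complete http:// URL without custom query parameters, and must not be http://localhost/.
	$return_url = "http://www.dixfs.com/return_url.php";
	// Seller's Alipay account. Required.
	$seller_email = '2502934853@qq.com';
	// Merchant order number: unique within this site's order system. Required.
	$out_trade_no =$orderid;
	// Order subject. Required.
	$subject = $rel[0]['video_name'];
	// Amount to pay, always taken from the video row and never from the request. Required.
	$total_fee = $rel[0]['video_price'];
	// Order description.
	$body = $rel[0]['video_name'];
	// Product display URL; must be a complete URL starting with http://.
	// Uses $vid: the original interpolated $id, which is never assigned in this script.
	$show_url = "http://www.dixfs.com/video.php?action=product&id={$vid}";
	// Anti-phishing timestamp; to use it, call query_timestamp in the submit class file.
	$anti_phishing_key = "";
	// Client IP address: a public, non-LAN address such as 221.0.0.1.
	$exter_invoke_ip = "";

	// Request parameter array in the form the gateway library expects; no changes needed.
	$parameter = array(
		"service" => "create_direct_pay_by_user",
		"partner" => trim($alipay_config['partner']),
		"payment_type"	=> $payment_type,
		"notify_url"	=> $notify_url,
		"return_url"	=> $return_url,
		"seller_email"	=> $seller_email,
		"out_trade_no"	=> $out_trade_no,
		"subject"	=> $subject,
		"total_fee"	=> $total_fee,
		"body"	=> $body,
		"show_url"	=> $show_url,
		"anti_phishing_key"	=> $anti_phishing_key,
		"exter_invoke_ip"	=> $exter_invoke_ip,
		"_input_charset"	=> trim(strtolower($alipay_config['input_charset']))
	);

	// Build the request form and send it to the browser.
	$alipaySubmit = new AlipaySubmit($alipay_config);
	$html_text = $alipaySubmit->buildRequestForm($parameter,"get", "确认");
	echo ($html_text);
}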


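// Member centre
elseif($action=='main'){
	$url=$language['member_msg28'];
	$tpl->assign('position',get_dy_position($url));// breadcrumb position
	// The login redirect targets member.php, as the product action does; this script has no
	// 'login' action of its own. $lang originates from the request and is URL-encoded here.
	if(empty($_SESSION['member_user'])&&empty($_SESSION['member_id'])&&!$_SESSION['member_login']){die('<script type="text/javascript">location.href=\'member.php?action=login&lang='.rawurlencode($lang).'\';</script>');}
	// Default group label, replaced by the member's group name when a group id is in the session.
	$purview=$language['member_msg31'];
	if($_SESSION['member_purview']){
		// Group id is cast to an integer before it is placed in the SQL text.
		$sql="select member_group_name from ".DB_PRE."member_group where id=".intval($_SESSION['member_purview']);
		$rel=$GLOBALS['mysql']->fetch_asc($sql);
		$purview=$rel[0]['member_group_name'];
		unset($rel);
	}
	$sql="select*from ".DB_PRE."member where id=".intval($_SESSION['member_id']);
	$rel=$GLOBALS['mysql']->fetch_asc($sql);
	// Number of rows in the ask table that belong to this member.
	$sql="select count(*) as ask,member from ".DB_PRE."ask where member=".intval($rel[0]['id'])." group by member";
	$arr=$GLOBALS['mysql']->fetch_asc($sql);
	$ask_count=isset($arr[0]['ask'])?$arr[0]['ask']:'';
	unset($arr);
	$tpl->assign('ask_count',$ask_count);
	// 'i' is minutes; the original format used 'm' (month) in the minutes position.
	$tpl->assign('login_time',date('Y-m-d H:i:s',$rel[0]['member_time']));
	$tpl->assign('login_ip',$rel[0]['member_ip']);
	$tpl->assign('login_count',$rel[0]['member_count']);
	$tpl->assign('purview',$purview);
	$tpl->assign('member',$_SESSION['member_user']);
	$tpl->display('member_login');
}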
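// Member profile
elseif($action=='info'){
	$url=$language['member_msg28'];
	$tpl->assign('position',get_dy_position($url));// breadcrumb position
	// The login redirect targets member.php, as the product action does; this script has no
	// 'login' action of its own. $lang originates from the request and is URL-encoded here.
	if(empty($_SESSION['member_user'])&&empty($_SESSION['member_id'])&&!$_SESSION['member_login']){die('<script type="text/javascript">location.href=\'member.php?action=login&lang='.rawurlencode($lang).'\';</script>');}
	// member_id is cast to an integer before it is placed in the SQL text, matching the 'main' action.
	$sql="select*from ".DB_PRE."member where id=".intval($_SESSION['member_id']);
	$rel=$GLOBALS['mysql']->fetch_asc($sql);
	// member_birth is stored as "year-month-day"; split it for the three form fields.
	if(!empty($rel[0]['member_birth'])){$arr=explode('-',$rel[0]['member_birth']);}
	$tpl->assign('year',isset($arr['0'])?$arr['0']:'');
	$tpl->assign('month',isset($arr['1'])?$arr['1']:'');
	$tpl->assign('day',isset($arr['2'])?$arr['2']:'');
	$tpl->assign('info',$rel[0]);
	$tpl->display('member_login');
}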
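// Save member profile
elseif($action=='save_info'){
	// The login redirect targets member.php, as the product action does; this script has no
	// 'login' action of its own. $lang originates from the request and is URL-encoded here.
	if(empty($_SESSION['member_user'])&&empty($_SESSION['member_id'])&&!$_SESSION['member_login']){die('<script type="text/javascript">location.href=\'member.php?action=login&lang='.rawurlencode($lang).'\';</script>');}
	// Numeric fields are forced to integers before the project's filters are applied.
	$birthdayYear=fl_html(fl_value(intval($_POST['birthdayYear'])));
	$birthdayMonth=fl_html(fl_value(intval($_POST['birthdayMonth'])));
	$birthdayDay=fl_html(fl_value(intval($_POST['birthdayDay'])));
	$sex=fl_html(fl_value(intval($_POST['sex'])));
	$sex=empty($sex)?0:$sex;
	// Filtered here but not written by the UPDATE below.
	$mail=fl_html(fl_value($_POST['mail']));
	$qq=fl_html(fl_value($_POST['qq']));
	// NOTE(review): $tel is the only free-form value placed in the SQL text; this relies on
	// fl_value()/fl_html() (defined elsewhere) to neutralise quotes — verify that they do.
	$tel=fl_html(fl_value($_POST['tel']));
	$phone=fl_html(fl_value($_POST['phone']));
	$submit=$_POST['submit'];
	// qq and phone, when given, must consist of digits only and must not start with 0.
	if(!empty($qq)){
		if(!check_str($qq,'/^[1-9][0-9]*$/')){die("<script type=\"text/javascript\">alert('{$language['member_msg15']}');history.go(-1);</script>");}
	}
	if(!empty($phone)){
		if(!check_str($phone,'/^[1-9][0-9]*$/')){die("<script type=\"text/javascript\">alert('{$language['member_msg16']}');history.go(-1);</script>");}
	}
	// NOTE(review): this only tests that a submit field is present; it is not a per-session
	// anti-CSRF token, so a cross-site form post would pass it — consider adding one.
	if(empty($submit)){die("<script type=\"text/javascript\">alert('{$language['member_msg17']}');history.go(-1);</script>");}
	$birth=$birthdayYear.'-'.$birthdayMonth.'-'.$birthdayDay;
	// member_id is cast to an integer so the WHERE clause always targets exactly one numeric id.
	$sql="update ".DB_PRE."member set member_tel='{$tel}',member_phone='{$phone}',member_birth='{$birth}',member_sex =".$sex.",member_qq='{$qq}' where id=".intval($_SESSION['member_id']);
	$GLOBALS['mysql']->query($sql);
	die("<script type=\"text/javascript\">alert('{$language['member_msg18']}');history.go(-1);</script>");
}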


?>
